You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by as...@apache.org on 2013/06/14 15:50:32 UTC
svn commit: r1493072 [3/3] - in /cxf/trunk/services/xkms:
xkms-client/src/main/resources/OSGI-INF/blueprint/
xkms-common/src/main/java/org/apache/cxf/xkms/handlers/ xkms-features/
xkms-features/src/main/resources/ xkms-itests/ xkms-itests/src/test/java...
Added: cxf/trunk/services/xkms/xkms-x509-handlers/src/test/java/org/apache/cxf/xkms/x509/validator/TrustedAuthorityValidatorTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/xkms/xkms-x509-handlers/src/test/java/org/apache/cxf/xkms/x509/validator/TrustedAuthorityValidatorTest.java?rev=1493072&view=auto
==============================================================================
--- cxf/trunk/services/xkms/xkms-x509-handlers/src/test/java/org/apache/cxf/xkms/x509/validator/TrustedAuthorityValidatorTest.java (added)
+++ cxf/trunk/services/xkms/xkms-x509-handlers/src/test/java/org/apache/cxf/xkms/x509/validator/TrustedAuthorityValidatorTest.java Fri Jun 14 13:50:30 2013
@@ -0,0 +1,135 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.xkms.x509.validator;
+
+import java.io.File;
+import java.io.InputStream;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateFactory;
+import java.security.cert.X509Certificate;
+import java.util.Arrays;
+
+import javax.xml.bind.JAXBElement;
+import javax.xml.bind.JAXBException;
+
+import org.apache.cxf.helpers.FileUtils;
+import org.apache.cxf.xkms.handlers.Applications;
+import org.apache.cxf.xkms.model.xkms.KeyBindingEnum;
+import org.apache.cxf.xkms.model.xkms.ReasonEnum;
+import org.apache.cxf.xkms.model.xkms.StatusType;
+import org.apache.cxf.xkms.model.xkms.UseKeyWithType;
+import org.apache.cxf.xkms.model.xkms.ValidateRequestType;
+import org.apache.cxf.xkms.x509.repo.file.FileCertificateRepo;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+
+public class TrustedAuthorityValidatorTest extends BasicValidationTest {
+ private static final String PATH_TO_RESOURCES = "/trustedAuthorityValidator/";
+ private final X509Certificate certificateRoot;
+ private final X509Certificate certificateAlice;
+ private FileCertificateRepo certificateRepo;
+
+ public TrustedAuthorityValidatorTest() throws CertificateException {
+ certificateRoot = readCertificate("root.cer");
+ certificateAlice = readCertificate("alice.cer");
+ }
+
+ @Before
+ public void setUpCertificateRepo() throws CertificateException {
+ File storageDir = new File("target/teststore_trusted_authority_validator");
+ FileUtils.removeDir(storageDir);
+ storageDir.mkdirs();
+ certificateRepo = new FileCertificateRepo("target/teststore_trusted_authority_validator");
+
+ UseKeyWithType rootKey = new UseKeyWithType();
+ rootKey.setApplication(Applications.PKIX.getUri());
+ String subjectDN = certificateRoot.getSubjectX500Principal().getName();
+ rootKey.setIdentifier(subjectDN);
+ certificateRepo.saveTrustedCACertificate(certificateRoot, rootKey);
+
+ UseKeyWithType aliceKey = new UseKeyWithType();
+ aliceKey.setApplication(Applications.PKIX.getUri());
+ subjectDN = certificateAlice.getSubjectX500Principal().getName();
+ aliceKey.setIdentifier(subjectDN);
+ certificateRepo.saveCACertificate(certificateAlice, aliceKey);
+ }
+
+ @Test
+ public void testIsCertChainValid() throws CertificateException {
+ TrustedAuthorityValidator validator = new TrustedAuthorityValidator(certificateRepo);
+ Assert.assertTrue("Root should be valid",
+ validator.isCertificateChainValid(Arrays.asList(certificateRoot)));
+ Assert.assertTrue("Alice should be valid",
+ validator.isCertificateChainValid(Arrays.asList(certificateAlice)));
+ }
+
+ @Test
+ public void testRootCertIsValid() throws JAXBException, CertificateException {
+ StatusType result = processRequest("validateRequestOKRoot.xml");
+ Assert.assertEquals(KeyBindingEnum.HTTP_WWW_W_3_ORG_2002_03_XKMS_VALID, result.getStatusValue());
+ Assert.assertFalse(result.getValidReason().isEmpty());
+ Assert.assertEquals(ReasonEnum.HTTP_WWW_W_3_ORG_2002_03_XKMS_ISSUER_TRUST.value(), result
+ .getValidReason().get(0));
+ }
+
+ @Test
+ public void testAliceSignedByRootIsValid() throws JAXBException, CertificateException {
+ StatusType result = processRequest("validateRequestOKAlice.xml");
+ Assert.assertEquals(KeyBindingEnum.HTTP_WWW_W_3_ORG_2002_03_XKMS_VALID, result.getStatusValue());
+ Assert.assertFalse(result.getValidReason().isEmpty());
+ Assert.assertEquals(ReasonEnum.HTTP_WWW_W_3_ORG_2002_03_XKMS_ISSUER_TRUST.value(), result
+ .getValidReason().get(0));
+ }
+
+ @Test
+ public void testDaveSignedByAliceSginedByRootIsValid() throws JAXBException, CertificateException {
+ StatusType result = processRequest("validateRequestOKDave.xml");
+ Assert.assertEquals(KeyBindingEnum.HTTP_WWW_W_3_ORG_2002_03_XKMS_VALID, result.getStatusValue());
+ Assert.assertFalse(result.getValidReason().isEmpty());
+ Assert.assertEquals(ReasonEnum.HTTP_WWW_W_3_ORG_2002_03_XKMS_ISSUER_TRUST.value(), result
+ .getValidReason().get(0));
+ }
+
+ @Test
+ public void testSelfSignedCertOscarIsNotValid() throws JAXBException, CertificateException {
+ StatusType result = processRequest("validateRequestInvalidOscar.xml");
+ Assert.assertEquals(result.getStatusValue(), KeyBindingEnum.HTTP_WWW_W_3_ORG_2002_03_XKMS_INVALID);
+ Assert.assertFalse(result.getInvalidReason().isEmpty());
+ Assert.assertEquals(ReasonEnum.HTTP_WWW_W_3_ORG_2002_03_XKMS_ISSUER_TRUST.value(), result
+ .getInvalidReason().get(0));
+ }
+
+ private StatusType processRequest(String path) throws JAXBException, CertificateException {
+ @SuppressWarnings("unchecked")
+ JAXBElement<ValidateRequestType> request = (JAXBElement<ValidateRequestType>)u.unmarshal(this
+ .getClass().getResourceAsStream(PATH_TO_RESOURCES + path));
+ TrustedAuthorityValidator validator = new TrustedAuthorityValidator(certificateRepo);
+ return validator.validate(request.getValue());
+ }
+
+ private static X509Certificate readCertificate(String path) throws CertificateException {
+ InputStream inputStream = TrustedAuthorityValidatorTest.class.getResourceAsStream(PATH_TO_RESOURCES
+ + path);
+ CertificateFactory cf = CertificateFactory.getInstance("X.509");
+ return (X509Certificate)cf.generateCertificate(inputStream);
+ }
+
+}
Added: cxf/trunk/services/xkms/xkms-x509-handlers/src/test/resources/trustedAuthorityValidator/alice.cer
URL: http://svn.apache.org/viewvc/cxf/trunk/services/xkms/xkms-x509-handlers/src/test/resources/trustedAuthorityValidator/alice.cer?rev=1493072&view=auto
==============================================================================
--- cxf/trunk/services/xkms/xkms-x509-handlers/src/test/resources/trustedAuthorityValidator/alice.cer (added)
+++ cxf/trunk/services/xkms/xkms-x509-handlers/src/test/resources/trustedAuthorityValidator/alice.cer Fri Jun 14 13:50:30 2013
@@ -0,0 +1,18 @@
+-----BEGIN CERTIFICATE-----
+MIIC7zCCAligAwIBAgIBATANBgkqhkiG9w0BAQUFADBKMQswCQYDVQQGEwJERTEM
+MAoGA1UECAwDTlJXMRQwEgYDVQQKDAtEZW1vIENsaWVudDEXMBUGA1UEAwwOd3d3
+Lmlzc3Vlci5jb20wHhcNMTMwNTI5MDg0NTI4WhcNMjMwNTI3MDg0NTI4WjBYMQsw
+CQYDVQQGEwJERTEMMAoGA1UECBMDTlJXMQwwCgYDVQQHEwNDR04xDDAKBgNVBAoT
+A0NYRjEPMA0GA1UECxMGQXBhY2hlMQ4wDAYDVQQDEwVBbGljZTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBAKy/WiJ3FX64AyQgE+OIQFXaTSX2ANLjGa2l
+eZUDjhGiD4bd5Y4lth1c2hSJSNyF80I/Z58pYfnL930lncAOPXpxFq88ngAgJJNu
+zWv68P8PNVrJ7s0t7MNOyhOKpmskTWZiYh51OkyzOc/LnEY0uhQr1BS4cmShdJbN
+CMo0DFNcTm0b5piYu9aga8p1mTiBTctjy0fif+zLvxMJ2X8szCZ2b7lM3FEMx4dx
++4cXFi8YF23L4CwShW6g65YCg+mC+VwuLOniwAHOV6WxLsjxyEs6hgdt+/Z9Mjdz
+YPT4rrzLfWkGoOFmZoY08XIjpmxoZKHD7vdrcjIMPEvGTWRzgRkCAwEAAaNTMFEw
+HQYDVR0OBBYEFOxINJ1wxyAigMDDkStdn/7oucgHMB8GA1UdIwQYMBaAFOB7SGdn
+5upcqrOlUkSW/QzLkgKDMA8GA1UdEwQIMAYBAf8CAQMwDQYJKoZIhvcNAQEFBQAD
+gYEAe4wp1RhLxKowAF7/OMI7ZxLAdLPWR/rapKrUdVn90XvzQjz5nW7Ohqe6VmsQ
+5lpSSRtxrEr1JRT34f6MsMzYmZMazRQgKDiqHnXtNFTwwuADT54yqfgzR+TOlJKr
+7OfJ72qKnBOTHn/All29UJwKvdMGXsg88Ou2fh6DS7fsfcA=
+-----END CERTIFICATE-----
Added: cxf/trunk/services/xkms/xkms-x509-handlers/src/test/resources/trustedAuthorityValidator/dave.cer
URL: http://svn.apache.org/viewvc/cxf/trunk/services/xkms/xkms-x509-handlers/src/test/resources/trustedAuthorityValidator/dave.cer?rev=1493072&view=auto
==============================================================================
--- cxf/trunk/services/xkms/xkms-x509-handlers/src/test/resources/trustedAuthorityValidator/dave.cer (added)
+++ cxf/trunk/services/xkms/xkms-x509-handlers/src/test/resources/trustedAuthorityValidator/dave.cer Fri Jun 14 13:50:30 2013
@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDIzCCAgsCAQEwDQYJKoZIhvcNAQEFBQAwWDELMAkGA1UEBhMCREUxDDAKBgNV
+BAgTA05SVzEMMAoGA1UEBxMDQ0dOMQwwCgYDVQQKEwNDWEYxDzANBgNVBAsTBkFw
+YWNoZTEOMAwGA1UEAxMFQWxpY2UwHhcNMTMwNTI5MDg0ODU1WhcNMjMwNTI3MDg0
+ODU1WjBXMQswCQYDVQQGEwJERTEMMAoGA1UECBMDTlJXMQwwCgYDVQQHEwNDR04x
+DDAKBgNVBAoTA0NYRjEPMA0GA1UECxMGQXBhY2hlMQ0wCwYDVQQDEwREYXZlMIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaNr3jK7TrxAseTLE7VifTAC
+zwQf/yLiBZ6mp3DxJZZ1f+9sJNDR8WWei31KC947HhFC0y3s1x8V2t/GIGFWv8Bl
+IF6wjFqZZfiQE0xEZy8yUfnDV2aWdXkni92zPNbttmWpeqD7gmv2VxCc+NdT1WZp
+EyU7aTw/2nRloxtKkwQxqRO2IJUAzRyCcu3i/rfjH2gPaf6tlMEE6IJspLzIqCxe
+0fS5G695o/aCkSB0iRaGe4neuHcCQl59GMgCQekjL4ZropwjrNyPeuTPrYI/2Ddr
+ZrK/mWbWPAJUttzWnTWOdh6VTkzXz839cT6xB0YCxJQh+IloVqSPE4sZs2+TiwID
+AQABMA0GCSqGSIb3DQEBBQUAA4IBAQApJMjAHReII+4RrTkHqANOn4Dhb0TFOa69
+M2SNfdzGd2CB8CHg7UVOxGFOYFXeSKrQipqH4/zJbj6cyXOgTUc7+7uDK3DjxxF5
+EY5Nts/jqrBGgrLa/vW5HmkkinKFvbzH+JcARzLKgoZp9k0j+qrisEATbY9HN/yM
+kEum1ChyYuEVNAq+AY1G/z9QPL1Ts7bd65LX9egYNFOQmMp4f6efbeT/9DfFTSrR
+iECJtjGrmrlyqqNunQKF0iYT7dttDAgshdcTYNCGc3YokuLFaoxoUCMryts72rQq
+OtY9Tp723QBJO82iYqv4wg2qxRLcjZZv7dqTeh2S+j4dEZaI82N/
+-----END CERTIFICATE-----
Added: cxf/trunk/services/xkms/xkms-x509-handlers/src/test/resources/trustedAuthorityValidator/oscar.cer
URL: http://svn.apache.org/viewvc/cxf/trunk/services/xkms/xkms-x509-handlers/src/test/resources/trustedAuthorityValidator/oscar.cer?rev=1493072&view=auto
==============================================================================
--- cxf/trunk/services/xkms/xkms-x509-handlers/src/test/resources/trustedAuthorityValidator/oscar.cer (added)
+++ cxf/trunk/services/xkms/xkms-x509-handlers/src/test/resources/trustedAuthorityValidator/oscar.cer Fri Jun 14 13:50:30 2013
@@ -0,0 +1,17 @@
+-----BEGIN CERTIFICATE-----
+MIIDTzCCAjegAwIBAgIESPKeLjANBgkqhkiG9w0BAQUFADBYMQswCQYDVQQGEwJERTEMMAoGA1UE
+CBMDTlJXMQwwCgYDVQQHEwNDR04xDDAKBgNVBAoTA0NYRjEPMA0GA1UECxMGQXBhY2hlMQ4wDAYD
+VQQDEwVPc2NhcjAeFw0xMzA1MjkwODQ5MjVaFw0yMzA1MjcwODQ5MjVaMFgxCzAJBgNVBAYTAkRF
+MQwwCgYDVQQIEwNOUlcxDDAKBgNVBAcTA0NHTjEMMAoGA1UEChMDQ1hGMQ8wDQYDVQQLEwZBcGFj
+aGUxDjAMBgNVBAMTBU9zY2FyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk6WAbH39
+xSI4wRSm/ON3mPuWY4uCkkKbYDEw6u9nKa2SPVurOFCO8ihYsXwCELI00UQ5ZDZCDCgRPxaiRhvY
+jc+436ixmOzPCqPmhSXOsH40TvP4HHbssWJo5Rxnc8Tkb3K/EEK37gOyhs8KfZn4h6ycfbkvIFtj
+4e6JESVvPV+I+JtXBc2wfOTi5YgCmYFtfqAkbzfUWfcOeY3oKpnscY3AU5V4Wv7z77qqXpegPoCa
+2YfG3Dpq33npU4z1s9KW0K06QRvHF6JKUAsAzIce2S05XtuojRbJIC/ZV9d31PU3mpiQEb/VD6pW
+tYCW+OsaUdC8cL1TPcFIe0P9nRn97wIDAQABoyEwHzAdBgNVHQ4EFgQUDrYI3mDc10/Mprg47oyh
+LFcahp0wDQYJKoZIhvcNAQEFBQADggEBAASs0uILtTQTVXteyR8nOHDR9B2whPpk1DvrkAEk3fZ5
+6zMZnGnGg2iUDxEGw7WSvZMG8mYcnIMRrMePUnz6jmKG/Fy/5ZUOaBuCMkIfA/dA29Os5ltBThXG
+0YtrwAjvFekPKvFqQXLIThqSMKww2OqjeXiL1TG52c323xo/UbTuMn8r8rsnpFIVQDNgY7rNbTvu
+pbNMB1Cb85YpqIpeV5ewVvVDG1r5ID/My4iXLQug8Bk8/UpUdh2KG74oqqf1Xl3k6TEXooCw74ks
+qqQKyT3/wRYpxEaKo5jzssFmTDJyTuD3H0ASxUouIuyIwYvp5jhMcm7jQ3cdbMydk7NqX1g=
+-----END CERTIFICATE-----
Added: cxf/trunk/services/xkms/xkms-x509-handlers/src/test/resources/trustedAuthorityValidator/root.cer
URL: http://svn.apache.org/viewvc/cxf/trunk/services/xkms/xkms-x509-handlers/src/test/resources/trustedAuthorityValidator/root.cer?rev=1493072&view=auto
==============================================================================
--- cxf/trunk/services/xkms/xkms-x509-handlers/src/test/resources/trustedAuthorityValidator/root.cer (added)
+++ cxf/trunk/services/xkms/xkms-x509-handlers/src/test/resources/trustedAuthorityValidator/root.cer Fri Jun 14 13:50:30 2013
@@ -0,0 +1,13 @@
+-----BEGIN CERTIFICATE-----
+MIICYjCCAcugAwIBAgIJAIBUDD+Ghp2oMA0GCSqGSIb3DQEBBQUAMEoxCzAJBgNVBAYTAkRFMQww
+CgYDVQQIDANOUlcxFDASBgNVBAoMC0RlbW8gQ2xpZW50MRcwFQYDVQQDDA53d3cuaXNzdWVyLmNv
+bTAeFw0xMzA1MjQxMjUxNDZaFw0yMzA1MjIxMjUxNDZaMEoxCzAJBgNVBAYTAkRFMQwwCgYDVQQI
+DANOUlcxFDASBgNVBAoMC0RlbW8gQ2xpZW50MRcwFQYDVQQDDA53d3cuaXNzdWVyLmNvbTCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAxeCtfXDqPmsAcYZGVeEUl2xe9vQl9veaSG6l8O/6QXXH
+3q78yUvQPHltO4PAooK6VamINpgBw2sHMl3sxFIrwJNh1tclXgtowgf/qwbC2TrGumK/bQTg6E0V
+Y1KXdC/tn11gxaEfic1e68gvGfPK18JnLeCw7/mOKafMKQHW8ZMCAwEAAaNQME4wHQYDVR0OBBYE
+FOB7SGdn5upcqrOlUkSW/QzLkgKDMB8GA1UdIwQYMBaAFOB7SGdn5upcqrOlUkSW/QzLkgKDMAwG
+A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAEbuWyVkHKeryUsajA4IjCthswSSoi7NggULj
+LvuHkdgvPJhADSrcsEKQWr8/HMorrKnGh20EAWzjIXwRJYOCrDiYyfWezAE2h36MjZK7jXyAswAT
+YSPINdRP8VdrXBlj1oh0krhLyJrpaONkmpVwxVvxKL0Fc/iEnn5nVtaUyGg=
+-----END CERTIFICATE-----
Added: cxf/trunk/services/xkms/xkms-x509-handlers/src/test/resources/trustedAuthorityValidator/validateRequestInvalidOscar.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/services/xkms/xkms-x509-handlers/src/test/resources/trustedAuthorityValidator/validateRequestInvalidOscar.xml?rev=1493072&view=auto
==============================================================================
--- cxf/trunk/services/xkms/xkms-x509-handlers/src/test/resources/trustedAuthorityValidator/validateRequestInvalidOscar.xml (added)
+++ cxf/trunk/services/xkms/xkms-x509-handlers/src/test/resources/trustedAuthorityValidator/validateRequestInvalidOscar.xml Fri Jun 14 13:50:30 2013
@@ -0,0 +1,11 @@
+<ns2:ValidateRequest xmlns="http://www.w3.org/2000/09/xmldsig#"
+ xmlns:ns2="http://www.w3.org/2002/03/xkms#" xmlns:ns3="http://www.w3.org/2001/04/xmlenc#"
+ Id="CN=www.anothersts.com, L=CGN, ST=NRW, C=DE, O=AnotherSTS">
+ <ns2:QueryKeyBinding>
+ <KeyInfo>
+ <X509Data>
+ <X509Certificate>MIIDTzCCAjegAwIBAgIESPKeLjANBgkqhkiG9w0BAQUFADBYMQswCQYDVQQGEwJERTEMMAoGA1UECBMDTlJXMQwwCgYDVQQHEwNDR04xDDAKBgNVBAoTA0NYRjEPMA0GA1UECxMGQXBhY2hlMQ4wDAYDVQQDEwVPc2NhcjAeFw0xMzA1MjkwODQ5MjVaFw0yMzA1MjcwODQ5MjVaMFgxCzAJBgNVBAYTAkRFMQwwCgYDVQQIEwNOUlcxDDAKBgNVBAcTA0NHTjEMMAoGA1UEChMDQ1hGMQ8wDQYDVQQLEwZBcGFjaGUxDjAMBgNVBAMTBU9zY2FyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk6WAbH39xSI4wRSm/ON3mPuWY4uCkkKbYDEw6u9nKa2SPVurOFCO8ihYsXwCELI00UQ5ZDZCDCgRPxaiRhvYjc+436ixmOzPCqPmhSXOsH40TvP4HHbssWJo5Rxnc8Tkb3K/EEK37gOyhs8KfZn4h6ycfbkvIFtj4e6JESVvPV+I+JtXBc2wfOTi5YgCmYFtfqAkbzfUWfcOeY3oKpnscY3AU5V4Wv7z77qqXpegPoCa2YfG3Dpq33npU4z1s9KW0K06QRvHF6JKUAsAzIce2S05XtuojRbJIC/ZV9d31PU3mpiQEb/VD6pWtYCW+OsaUdC8cL1TPcFIe0P9nRn97wIDAQABoyEwHzAdBgNVHQ4EFgQUDrYI3mDc10/Mprg47oyhLFcahp0wDQYJKoZIhvcNAQEFBQADggEBAASs0uILtTQTVXteyR8nOHDR9B2whPpk1DvrkAEk3fZ56zMZnGnGg2iUDxEGw7WSvZMG8mYcnIMRrMePUnz6jmKG/Fy/5ZUOaBuCMkIfA/dA29Os5ltBThXG0YtrwAjvFekPKvFqQXLIThqSMKww2OqjeXiL1TG52c32
3xo/UbTuMn8r8rsnpFIVQDNgY7rNbTvupbNMB1Cb85YpqIpeV5ewVvVDG1r5ID/My4iXLQug8Bk8/UpUdh2KG74oqqf1Xl3k6TEXooCw74ksqqQKyT3/wRYpxEaKo5jzssFmTDJyTuD3H0ASxUouIuyIwYvp5jhMcm7jQ3cdbMydk7NqX1g=</X509Certificate>
+ </X509Data>
+ </KeyInfo>
+ </ns2:QueryKeyBinding>
+</ns2:ValidateRequest>
\ No newline at end of file
Added: cxf/trunk/services/xkms/xkms-x509-handlers/src/test/resources/trustedAuthorityValidator/validateRequestOKAlice.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/services/xkms/xkms-x509-handlers/src/test/resources/trustedAuthorityValidator/validateRequestOKAlice.xml?rev=1493072&view=auto
==============================================================================
--- cxf/trunk/services/xkms/xkms-x509-handlers/src/test/resources/trustedAuthorityValidator/validateRequestOKAlice.xml (added)
+++ cxf/trunk/services/xkms/xkms-x509-handlers/src/test/resources/trustedAuthorityValidator/validateRequestOKAlice.xml Fri Jun 14 13:50:30 2013
@@ -0,0 +1,11 @@
+<ns2:ValidateRequest xmlns="http://www.w3.org/2000/09/xmldsig#"
+ xmlns:ns2="http://www.w3.org/2002/03/xkms#" xmlns:ns3="http://www.w3.org/2001/04/xmlenc#"
+ Id="CN=www.anothersts.com, L=CGN, ST=NRW, C=DE, O=AnotherSTS">
+ <ns2:QueryKeyBinding>
+ <KeyInfo>
+ <X509Data>
+ <X509Certificate>MIIC7zCCAligAwIBAgIBATANBgkqhkiG9w0BAQUFADBKMQswCQYDVQQGEwJERTEMMAoGA1UECAwDTlJXMRQwEgYDVQQKDAtEZW1vIENsaWVudDEXMBUGA1UEAwwOd3d3Lmlzc3Vlci5jb20wHhcNMTMwNTI5MDg0NTI4WhcNMjMwNTI3MDg0NTI4WjBYMQswCQYDVQQGEwJERTEMMAoGA1UECBMDTlJXMQwwCgYDVQQHEwNDR04xDDAKBgNVBAoTA0NYRjEPMA0GA1UECxMGQXBhY2hlMQ4wDAYDVQQDEwVBbGljZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKy/WiJ3FX64AyQgE+OIQFXaTSX2ANLjGa2leZUDjhGiD4bd5Y4lth1c2hSJSNyF80I/Z58pYfnL930lncAOPXpxFq88ngAgJJNuzWv68P8PNVrJ7s0t7MNOyhOKpmskTWZiYh51OkyzOc/LnEY0uhQr1BS4cmShdJbNCMo0DFNcTm0b5piYu9aga8p1mTiBTctjy0fif+zLvxMJ2X8szCZ2b7lM3FEMx4dx+4cXFi8YF23L4CwShW6g65YCg+mC+VwuLOniwAHOV6WxLsjxyEs6hgdt+/Z9MjdzYPT4rrzLfWkGoOFmZoY08XIjpmxoZKHD7vdrcjIMPEvGTWRzgRkCAwEAAaNTMFEwHQYDVR0OBBYEFOxINJ1wxyAigMDDkStdn/7oucgHMB8GA1UdIwQYMBaAFOB7SGdn5upcqrOlUkSW/QzLkgKDMA8GA1UdEwQIMAYBAf8CAQMwDQYJKoZIhvcNAQEFBQADgYEAe4wp1RhLxKowAF7/OMI7ZxLAdLPWR/rapKrUdVn90XvzQjz5nW7Ohqe6VmsQ5lpSSRtxrEr1JRT34f6MsMzYmZMazRQgKDiqHnXtNFTwwuADT54yqfgzR+TO
lJKr7OfJ72qKnBOTHn/All29UJwKvdMGXsg88Ou2fh6DS7fsfcA=</X509Certificate>
+ </X509Data>
+ </KeyInfo>
+ </ns2:QueryKeyBinding>
+</ns2:ValidateRequest>
\ No newline at end of file
Added: cxf/trunk/services/xkms/xkms-x509-handlers/src/test/resources/trustedAuthorityValidator/validateRequestOKDave.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/services/xkms/xkms-x509-handlers/src/test/resources/trustedAuthorityValidator/validateRequestOKDave.xml?rev=1493072&view=auto
==============================================================================
--- cxf/trunk/services/xkms/xkms-x509-handlers/src/test/resources/trustedAuthorityValidator/validateRequestOKDave.xml (added)
+++ cxf/trunk/services/xkms/xkms-x509-handlers/src/test/resources/trustedAuthorityValidator/validateRequestOKDave.xml Fri Jun 14 13:50:30 2013
@@ -0,0 +1,11 @@
+<ns2:ValidateRequest xmlns="http://www.w3.org/2000/09/xmldsig#"
+ xmlns:ns2="http://www.w3.org/2002/03/xkms#" xmlns:ns3="http://www.w3.org/2001/04/xmlenc#"
+ Id="CN=www.anothersts.com, L=CGN, ST=NRW, C=DE, O=AnotherSTS">
+ <ns2:QueryKeyBinding>
+ <KeyInfo>
+ <X509Data>
+ <X509Certificate>MIIDIzCCAgsCAQEwDQYJKoZIhvcNAQEFBQAwWDELMAkGA1UEBhMCREUxDDAKBgNVBAgTA05SVzEMMAoGA1UEBxMDQ0dOMQwwCgYDVQQKEwNDWEYxDzANBgNVBAsTBkFwYWNoZTEOMAwGA1UEAxMFQWxpY2UwHhcNMTMwNTI5MDg0ODU1WhcNMjMwNTI3MDg0ODU1WjBXMQswCQYDVQQGEwJERTEMMAoGA1UECBMDTlJXMQwwCgYDVQQHEwNDR04xDDAKBgNVBAoTA0NYRjEPMA0GA1UECxMGQXBhY2hlMQ0wCwYDVQQDEwREYXZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaNr3jK7TrxAseTLE7VifTACzwQf/yLiBZ6mp3DxJZZ1f+9sJNDR8WWei31KC947HhFC0y3s1x8V2t/GIGFWv8BlIF6wjFqZZfiQE0xEZy8yUfnDV2aWdXkni92zPNbttmWpeqD7gmv2VxCc+NdT1WZpEyU7aTw/2nRloxtKkwQxqRO2IJUAzRyCcu3i/rfjH2gPaf6tlMEE6IJspLzIqCxe0fS5G695o/aCkSB0iRaGe4neuHcCQl59GMgCQekjL4ZropwjrNyPeuTPrYI/2DdrZrK/mWbWPAJUttzWnTWOdh6VTkzXz839cT6xB0YCxJQh+IloVqSPE4sZs2+TiwIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQApJMjAHReII+4RrTkHqANOn4Dhb0TFOa69M2SNfdzGd2CB8CHg7UVOxGFOYFXeSKrQipqH4/zJbj6cyXOgTUc7+7uDK3DjxxF5EY5Nts/jqrBGgrLa/vW5HmkkinKFvbzH+JcARzLKgoZp9k0j+qrisEATbY9HN/yMkEum1ChyYuEVNAq+AY1G/z9QPL1Ts7bd65LX9egYNFOQmMp4f6efbeT/9DfF
TSrRiECJtjGrmrlyqqNunQKF0iYT7dttDAgshdcTYNCGc3YokuLFaoxoUCMryts72rQqOtY9Tp723QBJO82iYqv4wg2qxRLcjZZv7dqTeh2S+j4dEZaI82N/</X509Certificate>
+ </X509Data>
+ </KeyInfo>
+ </ns2:QueryKeyBinding>
+</ns2:ValidateRequest>
\ No newline at end of file
Added: cxf/trunk/services/xkms/xkms-x509-handlers/src/test/resources/trustedAuthorityValidator/validateRequestOKRoot.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/services/xkms/xkms-x509-handlers/src/test/resources/trustedAuthorityValidator/validateRequestOKRoot.xml?rev=1493072&view=auto
==============================================================================
--- cxf/trunk/services/xkms/xkms-x509-handlers/src/test/resources/trustedAuthorityValidator/validateRequestOKRoot.xml (added)
+++ cxf/trunk/services/xkms/xkms-x509-handlers/src/test/resources/trustedAuthorityValidator/validateRequestOKRoot.xml Fri Jun 14 13:50:30 2013
@@ -0,0 +1,11 @@
+<ns2:ValidateRequest xmlns="http://www.w3.org/2000/09/xmldsig#"
+ xmlns:ns2="http://www.w3.org/2002/03/xkms#" xmlns:ns3="http://www.w3.org/2001/04/xmlenc#"
+ Id="CN=www.anothersts.com, L=CGN, ST=NRW, C=DE, O=AnotherSTS">
+ <ns2:QueryKeyBinding>
+ <KeyInfo>
+ <X509Data>
+ <X509Certificate>MIICYjCCAcugAwIBAgIJAIBUDD+Ghp2oMA0GCSqGSIb3DQEBBQUAMEoxCzAJBgNVBAYTAkRFMQwwCgYDVQQIDANOUlcxFDASBgNVBAoMC0RlbW8gQ2xpZW50MRcwFQYDVQQDDA53d3cuaXNzdWVyLmNvbTAeFw0xMzA1MjQxMjUxNDZaFw0yMzA1MjIxMjUxNDZaMEoxCzAJBgNVBAYTAkRFMQwwCgYDVQQIDANOUlcxFDASBgNVBAoMC0RlbW8gQ2xpZW50MRcwFQYDVQQDDA53d3cuaXNzdWVyLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAxeCtfXDqPmsAcYZGVeEUl2xe9vQl9veaSG6l8O/6QXXH3q78yUvQPHltO4PAooK6VamINpgBw2sHMl3sxFIrwJNh1tclXgtowgf/qwbC2TrGumK/bQTg6E0VY1KXdC/tn11gxaEfic1e68gvGfPK18JnLeCw7/mOKafMKQHW8ZMCAwEAAaNQME4wHQYDVR0OBBYEFOB7SGdn5upcqrOlUkSW/QzLkgKDMB8GA1UdIwQYMBaAFOB7SGdn5upcqrOlUkSW/QzLkgKDMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAEbuWyVkHKeryUsajA4IjCthswSSoi7NggULjLvuHkdgvPJhADSrcsEKQWr8/HMorrKnGh20EAWzjIXwRJYOCrDiYyfWezAE2h36MjZK7jXyAswATYSPINdRP8VdrXBlj1oh0krhLyJrpaONkmpVwxVvxKL0Fc/iEnn5nVtaUyGg=</X509Certificate>
+ </X509Data>
+ </KeyInfo>
+ </ns2:QueryKeyBinding>
+</ns2:ValidateRequest>
\ No newline at end of file